jobber
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install and use the official Membrane CLI (@membranehq/cli) from the NPM registry to interact with the platform.
- [COMMAND_EXECUTION]: The skill relies on shell commands using the 'membrane' CLI to perform Jobber operations, including connection management and action execution.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from the Jobber API which could influence subsequent agent-executed commands.
- Ingestion points: Data returned from 'membrane action list', 'membrane action run', and 'membrane request' in SKILL.md.
- Boundary markers: Absent. No delimiters or warnings are provided to prevent the agent from following instructions embedded in external data.
- Capability inventory: The agent can execute shell commands via the CLI and perform network requests to the Jobber API.
- Sanitization: Absent. Data retrieved from external services is not sanitized before being used as input for subsequent tasks.
Audit Metadata